CVE-2026-23062

In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kernel panic in GET_INSTANCE_ID macro The GET_INSTANCE_ID macro that caused a kernel panic when accessing sysfs attributes: 1. Off-by-one error: The loop condition used '<=' instead of '<', causing access beyond array bounds. Since array indices are 0-based and go from 0 to instances_count-1, the loop should use '<'. 2. Missing NULL check: The code dereferenced attr_name_kobj->name without checking if attr_name_kobj was NULL, causing a null pointer dereference in min_length_show() and other attribute show functions. The panic occurred when fwupd tried to read BIOS configuration attributes: Oops: general protection fault [#1] SMP KASAN NOPTI KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] RIP: 0010:min_length_show+0xcf/0x1d0 [hp_bioscfg] Add a NULL check for attr_name_kobj before dereferencing and corrects the loop boundary to match the pattern used elsewhere in the driver.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/193922a23d7294085a47d7719fdb7d66ad0a236f	Patch
https://git.kernel.org/stable/c/25150715e0b049b99df664daf05dab12f41c3e13	Patch
https://git.kernel.org/stable/c/eb5ff1025c92117d5d1cc728bcfa294abe484da1	Patch
https://git.kernel.org/stable/c/eba49c1dee9c5e514ca18e52c545bba524e8a045	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.19:rc6::::::

History

13 Mar 2026, 21:28

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: platform/x86: hp-bioscfg: Corrección de pánico del kernel en la macro GET_INSTANCE_ID La macro GET_INSTANCE_ID que causó un pánico del kernel al acceder a los atributos de sysfs: 1. Error de uno: La condición del bucle usaba '<=' en lugar de '<', causando acceso más allá de los límites del array. Dado que los índices del array están basados en 0 y van de 0 a instances_count-1, el bucle debería usar '<'. 2. Falta de comprobación de NULL: El código desreferenció attr_name_kobj->name sin comprobar si attr_name_kobj era NULL, causando una desreferencia de puntero nulo en min_length_show() y otras funciones de visualización de atributos. El pánico ocurrió cuando fwupd intentó leer atributos de configuración del BIOS: Oops: general protection fault [#1] SMP KASAN NOPTI KASAN: null-ptr-deref en el rango [0x0000000000000000-0x0000000000000007] RIP: 0010:min_length_show+0xcf/0x1d0 [hp_bioscfg] Añade una comprobación de NULL para attr_name_kobj antes de desreferenciar y corrige el límite del bucle para que coincida con el patrón usado en otras partes del controlador.
CWE		CWE-476
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
References	~~() https://git.kernel.org/stable/c/193922a23d7294085a47d7719fdb7d66ad0a236f -~~	() https://git.kernel.org/stable/c/193922a23d7294085a47d7719fdb7d66ad0a236f - Patch
References	~~() https://git.kernel.org/stable/c/25150715e0b049b99df664daf05dab12f41c3e13 -~~	() https://git.kernel.org/stable/c/25150715e0b049b99df664daf05dab12f41c3e13 - Patch
References	~~() https://git.kernel.org/stable/c/eb5ff1025c92117d5d1cc728bcfa294abe484da1 -~~	() https://git.kernel.org/stable/c/eb5ff1025c92117d5d1cc728bcfa294abe484da1 - Patch
References	~~() https://git.kernel.org/stable/c/eba49c1dee9c5e514ca18e52c545bba524e8a045 -~~	() https://git.kernel.org/stable/c/eba49c1dee9c5e514ca18e52c545bba524e8a045 - Patch
CPE		cpe:2.3:o:linux:linux_kernel:6.19:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.19:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.19:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.19:rc2:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.19:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.19:rc3::::::
First Time		Linux Linux linux Kernel

04 Feb 2026, 17:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-04 17:16

Updated : 2026-03-13 21:28

NVD link : CVE-2026-23062

Mitre link : CVE-2026-23062

CVE.ORG link : CVE-2026-23062

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

5.5 /10